SA64 : Multiple Sun ONE Directory Server vulnerabilities in PolicyCenter

PolicyCenter

1240

03 March 2020

10 January 2012

CLOSED

MEDIUM

CVSS v2: 6.1

SUMMARY

PolicyCenter installs and uses a version of Sun Directory Server (5.2) that has a number of publicly documented vulnerabilities. The most severe vulnerabilities allow a remote attacker to mount a denial of service attack.

AFFECTED PRODUCTS

All versions of PolicyCenter prior to 8.7.2 are vulnerable. PolicyCenter 8.7.2 and higher continue to be vulnerable when used with Sun ONE Directory Server 5.2.

Patches

  • PolicyCenter 8.7 - a fix is available in 8.7.2. PolicyCenter 8.7.2 must be installed on Windows Server 2008 in order to use Sun Directory Server 7.0.
  • PolicyCenter 8.6 and earlier - please upgrade to a later release. These versions of PolicyCenter cannot be installed on Windows Server 2008 and therefore cannot use Sun Directory Server 7.0.

ISSUES

CVE-2009-1332 - CVSS base score: 3.3 (AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVE-2009-0576 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2007-3225 - CVSS base score: 4.8 (AV:A/AC:L/Au:N/C:P/I:P/A:N)
CVE-2007-3224 - CVSS base score: 3.3 (AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVE-2007-2466 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2006-4175 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2006-3127 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2006-2513 - CVSS base score: 5.8 (AV:A/AC:L/Au:N/C:P/I:P/A:P)

PolicyCenter installs and uses Sun ONE Directory Server 5.2. This version of the Sun ONE Directory Server has a number of publicly documented vulnerabilities.

The most severe vulnerabilities allow a remote attacker to mount a denial of service attack. Others allow a remote attacker to gain read and write access to specific data stored or managed by the Directory Server. This data may include PolicyCenter configuration data.

When PolicyCenter is deployed behind a firewall, as is recommended, an attacker must gain access from the internal network in order to mount an attack. The CVSS base scores included in this advisory are based on this deployment scenario.

If PolicyCenter is deployed outside of the firewall, the CVSS base score for all CVEs listed would be higher. The CVSS base score for this security advisory would be a 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C).

PolicyCenter 8.7.2 contains an upgrade to Sun Directory Server version 7.0 that fixes all the CVEs documented in this Security Advisory. Note that Sun Directory Server 7.0 must be installed on Windows Server 2008. When installing PolicyCenter 8.7.2 on a Windows 2000 or 2003 server, Sun Directory Server 5.2 is installed and will still have the security vulnerabilities listed in this advisory.

Note that Sun ONE Directory Server 7.0 does not address CVE-2010-0708. A fix for this vulnerability has not been published. PolicyCenter continues to be vulnerable to CVE-2010-0708.

MITIGATION

Blue Coat recommends that PolicyCenter be deployed behind a firewall. Additional constraints on what IP addresses can be used to connect to PolicyCenter will greatly limit the ability to attack a PolicyCenter installation.

REFERENCE

CVE-2009-1332 - https://nvd.nist.gov/vuln/detail/CVE-2009-1332
CVE-2009-0576 - https://nvd.nist.gov/vuln/detail/CVE-2009-0576
CVE-2007-3225 - https://nvd.nist.gov/vuln/detail/CVE-2007-3225
CVE-2007-3224 - https://nvd.nist.gov/vuln/detail/CVE-2007-3224
CVE-2007-2466 - https://nvd.nist.gov/vuln/detail/CVE-2007-2466
CVE-2006-4175 - https://nvd.nist.gov/vuln/detail/CVE-2006-4175
CVE-2006-3127 - https://nvd.nist.gov/vuln/detail/CVE-2006-3127
CVE-2006-2513 - https://nvd.nist.gov/vuln/detail/CVE-2006-2513

REVISION

2012-01-17 Changed status to final
2012-01-16 Removed PacketWise as an OS search criterion.
2012-01-10 Initial public release